About Area 1 Security

The industry’s most comprehensive anti-phishing solution, Area 1 Horizon identifies threat campaigns, attacker infrastructure, and delivery mechanisms to stop targeted phishing attacks during the earliest stages of an attack cycle.

Backed by top tier investors, Area 1 Security is led by security and data analytics experts from NSA, USCYBERCOM, Cisco/IronPort, and FireEye who realized a pressing need for a proactive solution to targeted phishing attacks. Area 1 Security works with some of the most sophisticated organizations in the world, including F500 banks, insurance companies, and health care providers, to preempt targeted phishing attacks and help change outcomes.

Area 1 Security uses a big data platform to identify targeted phishing attacks early and stop them. Founded by those who led and built the big data and analytics infrastructure for the National Security Agency (NSA), the company eliminates the threat from phishing, which remains the number one way hackers breach businesses, steal data, and cause financial damage. Area 1 Security gives customers the ability to change outcomes and protect themselves.

Area 1 Security uses a cloud-based service to uniquely identify targeted attacks based on the infrastructure and delivery mechanisms attackers use. The company analyzes a vast amount of information daily using sensors across the internet, a high-speed web crawler that spiders up to six billion URLs every month, and a distributed sensor network that gathers billions of network events in a day. It sends that information to a massive data warehouse for analysis where it is processed to discover emerging and ongoing cyberattacks. The company turned to Google Cloud Platform for its scalability, performance, and sophisticated data analytics tools.

Identifying cyber threats faster

Area 1 Security’s total attack data warehouse contains more than approximately 3 petabytes, including a quarter of a trillion attack metadata records. Additionally, the company’s service needs to analyze over 3 billion events every day. To do that, the company uses a variety of Google Cloud Platform tools to host and analyze massive streams of information.

“With Google Cloud Platform, we can be agile and quick, while having a minimal operational staff,” says Phil.

The company’s data is stored in Google Cloud Storage, and Google Cloud Dataflow streams data to Google BigQuery and Google Cloud Bigtable. Google BigQuery, which hosts a database of more than 330 billion rows, performs analysis and ad hoc queries that help Area 1 Security quickly identify impending attacks. The company realized that when querying large datasets, Google BigQuery is the only cloud-based solution capable of handling a data set this size within the SLA required for its enterprise customers.

“When it comes to identifying security threats, speed and time are of the essence. With Google Cloud Platform, our platform gets answers in 30 to 60 seconds when querying a massive data set, which in turn allows us to rapidly protect our customers before attackers breach their network.”

—Phil Syme, Chief Technology Officer, Area 1 Security

A curated set of attack and phishing data is sent to Google Cloud Bigtable for fast searches. Area 1 Security then uses its cloud services to take action against phishing attacks before they cause damage to customers.

“When it comes to identifying security threats, speed and time are of the essence,” says Phil. “With Google Cloud Platform, our platform gets answers in 30 to 60 seconds when querying a massive data set, which in turn allows us to rapidly protect our customers before attackers breach their network.”

Built from the ground up for security

Given recent breaches and state-sponsored vulnerabilities in off-the-shelf networking equipment, Area 1 Security sought a public cloud provider that could provide the security to run its systems.

“Google Cloud Platform has its own purpose-built chips, servers, storage, network, and data centers,” says Phil. “Google’s dedication to hardened security across the entire infrastructure means that Area 1 Security can trust the software that we run in Google Cloud Platform to be secure.”

Big data helps identify big threats

Google Cloud Platform helps Area 1 Security find threats, saves the company money, and lets its engineers focus on predictive analytics to find threats instead of running data center infrastructure. Digging through massive amounts of big data to find the small patterns that signal an early attack takes an enormous amount of computing, and Google Cloud Platform provides the power to do it.

“We didn’t have the time or resources to build our own infrastructure at large scale,” adds Phil. “With Google Cloud Platform we got an instant data warehouse and a fast, comprehensive search. We’ve saved many person years of engineering effort, so we can provide a unique security service for our customers.”

About Area 1 Security

The industry’s most comprehensive anti-phishing solution, Area 1 Horizon identifies threat campaigns, attacker infrastructure, and delivery mechanisms to stop targeted phishing attacks during the earliest stages of an attack cycle.

Backed by top tier investors, Area 1 Security is led by security and data analytics experts from NSA, USCYBERCOM, Cisco/IronPort, and FireEye who realized a pressing need for a proactive solution to targeted phishing attacks. Area 1 Security works with some of the most sophisticated organizations in the world, including F500 banks, insurance companies, and health care providers, to preempt targeted phishing attacks and help change outcomes.